Inactive Possible virus blocking internet connection

Lolitsbrittxp

Posts: 12   +0
Hello all. I've been reading multiple threads to find out what my problem could be, but I just can't seem to correct it no matter how many times I have tried! A couple days ago I downloaded a harmful file, and after trying to remove it, my computer only got worse. It started off as white smoke, but spiraled into many different things after that. Before I downloaded it, my computer connection was perfect, no random DCs, fast computer, everything. After that, my computer is obviously slower as well as my internet. My router is brand new, and loads instantly on other computers, however it takes a while to load on mine compared to what it was before. I've wiped my computer, as well as installed Bitdefender, Comodo Firewall, Malwarebytes, CCleaner, Spybot Search and Destroy, and none of them can find the problem at all! It's very protected, and since installing these programs, my computer runs a bit faster but not as fast as it used to. Can anyone please help me find the root of this problem so I can hopefully return it back to how it was? Thanks much!
 

Broni

Posts: 55,924   +506
Welcome aboard

Please complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
Attached logs won't be reviewed.

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 

Lolitsbrittxp

Posts: 12   +0
Hello, thank you for replying so fast, I really appreciate it! Here is my info~

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2
Run by Brittney Boo Boo at 13:11:58 on 2013-04-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8169.4810 [GMT -7:00]
.
AV: Trend Micro Titanium Internet Security *Disabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
AV: Bitdefender Antivirus Free Edition *Enabled/Updated* {9B5F5313-CAF9-DD97-C460-E778420237B4}
SP: Trend Micro Titanium Internet Security *Disabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: COMODO Antivirus *Disabled/Outdated* {FEEA52D5-051E-08DD-07EF-2F009097607D}
SP: Bitdefender Antivirus Free Edition *Enabled/Updated* {203EB2F7-ECC3-D219-FED0-DC0A39857D09}
FW: COMODO Firewall *Enabled* {7DB03214-694B-060B-1600-BD4715C36DBB}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\HitmanPro\hmpsched.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Windows\system32\WLANExt.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
C:\ExpressGateUtil\VAWinService.exe
C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe
C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe
C:\ExpressGateUtil\VAWinAgent.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\SysWOW64\ACEngSvr.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\WimaxConsole.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files\COMODO\COMODO Internet Security\cis.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus.msn.com
uDefault_Page_URL = hxxp://asus.msn.com
uURLSearchHooks: {00000000-6E41-4FD3-8538-502F5495E5FC} - <orphaned>
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
BHO: {D4027C7F-154A-4066-A1AD-4243D8127440} - <orphaned>
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRunOnce: [Uninstall C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
uRunOnce: [Uninstall C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910] C:\Windows\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Brittney Boo Boo\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
mRun: [THX TruStudio NB Settings] "C:\Program Files (x86)\Creative\THX TruStudio\THXNBSet\THXAudNB.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [CPMonitor] "C:\Program Files (x86)\Roxio\CinePlayer\5.0\CPMonitor.exe"
mRun: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe
mRun: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
mRun: [CLMLServer] "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
mRun: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
mRun: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
mRun: [FLxHCIm64] "C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe"
mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
StartupFolder: C:\Users\BRITTN~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ADOBEG~1.LNK - C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\ASUSVI~1.LNK - C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{50E13D92-A992-4E23-A222-D9CC85354342} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : NameServer = 8.26.56.26,156.154.70.22
TCP: Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: TmIEPlugInBHO Class: {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: TmBpIeBHO Class: {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Run: [VizorHtmlDialog.exe] "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html" "DEF" "DEF" "DEF"
x64-Run: [Trend Micro Client Framework] "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
x64-Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush "none" "none"
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IntelPAN] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
x64-Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
x64-Run: [THXCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SynAsusAcpi] C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
x64-Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\6.5.1234\6.5.1234\TmBpIe64.dll
x64-Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\module\20004\1.5.1381\6.5.1234\TmIEPlg.dll
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;C:\Windows\System32\drivers\avc3.sys [2013-4-14 705552]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-4-7 55856]
R1 ATKWMIACPIIO_;ATKWMIACPI Driver_;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-4-7 39768]
R1 bdfwfpf;bdfwfpf;C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [2013-4-14 107080]
R1 cmderd;COMODO Internet Security Eradication Driver;C:\Windows\System32\drivers\cmderd.sys [2013-1-16 23176]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;C:\Windows\System32\drivers\cmdguard.sys [2013-1-16 699880]
R1 cmdHlp;COMODO Internet Security Helper Driver;C:\Windows\System32\drivers\cmdhlp.sys [2013-1-16 48360]
R1 gzflt;gzflt;C:\Windows\System32\drivers\gzflt.sys [2013-4-14 147232]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 AsusUacSvc;Asus process privilege adjust service;C:\Program Files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [2013-4-7 113840]
R2 CLPSLauncher;COMODO LPS Launcher;C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [2013-3-29 70352]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 DMAgent;Intel® PROSet/Wireless WiMAX Red Bend Device Management Service;C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [2011-6-14 498688]
R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2013-3-28 2074768]
R2 GeekBuddyRSP;GeekBuddyRSP Service;C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2013-3-13 1851088]
R2 gzserv;Bitdefender Antivirus Free Edition;C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [2013-4-14 30240]
R2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [2013-4-12 109352]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-4-12 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-4-12 701512]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-4-7 1103392]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-4-7 1369624]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-4-7 168384]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R2 TiMiniService;TiMiniService;C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [2011-4-28 241488]
R2 tmevtmgr;tmevtmgr;C:\Windows\System32\drivers\tmevtmgr.sys [2011-9-23 67664]
R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-4-7 2655768]
R2 VideAceWindowsService;VideAceWindowsService;C:\ExpressGateUtil\VAWinService.exe [2011-3-25 91464]
R2 vToolbarUpdater15.0.0;vToolbarUpdater15.0.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [2013-4-7 990896]
R2 WiMAXAppSrv;Intel® PROSet/Wireless WiMAX Service;C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [2011-6-14 986112]
R3 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2013-4-7 17152]
R3 avckf;avckf;C:\Windows\System32\drivers\avckf.sys [2013-4-14 545064]
R3 bpenum;Intel(R) Centrino(R) WiMAX Enumerator;C:\Windows\System32\drivers\bpenum.sys [2011-5-19 84480]
R3 bpmp;Intel(R) Centrino(R) WiMAX 6050 Series;C:\Windows\System32\drivers\bpmp.sys [2011-5-19 182272]
R3 bpusb;Intel(R) Centrino(R) WiMAX 6050 Series Function Driver;C:\Windows\System32\drivers\bpusb.sys [2011-5-19 83968]
R3 FLxHCIc;Fresco Logic xHCI (USB3) Device Driver;C:\Windows\System32\drivers\FLxHCIc.sys [2012-7-18 246568]
R3 FLxHCIh;Fresco Logic xHCI (USB3) Hub Device Driver;C:\Windows\System32\drivers\FLxHCIh.sys [2012-7-18 76584]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-4-12 25928]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2013-4-7 32344]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-4-7 471144]
R3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver.sys [2012-1-26 22800]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S3 Amsp;Trend Micro Solution Platform;C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe [2011-9-23 267480]
S3 cmdvirth;COMODO Virtual Service Manager;C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2013-1-24 158928]
S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2013-4-7 79360]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2013-4-7 79360]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2013-4-11 57856]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-9-12 1512448]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-10 57344]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-5-2 340240]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\rtsuvstor.sys [2013-4-7 290920]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\System32\drivers\SiSG664.sys [2009-6-10 56832]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-18 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2011-2-18 31232]
S3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-4-8 1255736]
.
=============== Created Last 30 ================
.
2013-04-14 14:47:35 -------- d-----w- C:\Windows\pss
2013-04-14 14:46:06 -------- d-----w- C:\Program Files (x86)\Common Files\COMODO
2013-04-14 13:56:27 -------- d-----w- C:\Users\Brittney Boo Boo\Doctor Web
2013-04-14 13:24:47 47368 ----a-w- C:\Windows\SysWow64\certsentry.dll
2013-04-14 12:55:24 -------- d--h--w- C:\VTRoot
2013-04-14 12:48:59 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-14 12:48:59 691592 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-04-14 12:39:28 260544 ----a-w- C:\Windows\System32\drivers\avchv.sys
2013-04-14 12:35:23 24512 ----a-w- C:\ProgramData\1365942909.bdinstall.bin
2013-04-14 12:35:05 23627 ----a-w- C:\ProgramData\1365942897.bdinstall.bin
2013-04-14 12:34:37 -------- d-s---w- C:\ProgramData\Shared Space
2013-04-14 12:32:30 159395 ----a-w- C:\ProgramData\1365942277.bdinstall.bin
2013-04-14 12:31:14 -------- d-----w- C:\Program Files\COMODO
2013-04-14 12:30:49 -------- d-----w- C:\ProgramData\COMODO
2013-04-14 12:30:47 705552 ----a-w- C:\Windows\System32\drivers\avc3.sys
2013-04-14 12:30:47 545064 ----a-w- C:\Windows\System32\drivers\avckf.sys
2013-04-14 12:30:27 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Comodo
2013-04-14 12:30:22 56072 ----a-w- C:\Windows\System32\certsentry.dll
2013-04-14 12:30:11 -------- d-----w- C:\Program Files (x86)\Comodo
2013-04-14 12:30:06 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2013-04-14 12:30:06 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll
2013-04-14 12:30:06 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll
2013-04-14 12:29:58 -------- d-----w- C:\ProgramData\Comodo Downloader
2013-04-14 12:25:05 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\QuickScan
2013-04-14 12:24:55 -------- d-----w- C:\Program Files\Bitdefender
2013-04-14 12:24:50 350160 ----a-w- C:\Windows\System32\drivers\trufos.sys
2013-04-14 12:24:49 147232 ----a-w- C:\Windows\System32\drivers\gzflt.sys
2013-04-14 12:15:37 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\SUPERAntiSpyware.com
2013-04-14 12:15:28 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
2013-04-14 12:15:28 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-04-13 16:17:50 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Adobe
2013-04-13 16:11:14 -------- d-----w- C:\Program Files (x86)\Common Files\Adobe Systems Shared
2013-04-13 16:08:55 -------- d-----w- C:\PhSp_CS2_UE_Ret
2013-04-13 08:50:51 -------- d-----w- C:\Users\Brittney Boo Boo\.thumbnails
2013-04-13 08:07:27 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\fontconfig
2013-04-13 08:07:26 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\gegl-0.2
2013-04-13 08:07:26 -------- d-----w- C:\Users\Brittney Boo Boo\.gimp-2.8
2013-04-12 12:08:18 12872 ----a-w- C:\Windows\System32\bootdelete.exe
2013-04-12 12:00:48 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\Malwarebytes
2013-04-12 12:00:39 -------- d-----w- C:\ProgramData\Malwarebytes
2013-04-12 12:00:38 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-12 12:00:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-04-12 12:00:21 -------- d-----w- C:\Program Files\HitmanPro
2013-04-12 12:00:14 -------- d-----w- C:\ProgramData\HitmanPro
2013-04-12 11:53:13 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{06E40604-D147-4514-8A7A-AE1200ACC7EC}\mpengine.dll
2013-04-12 11:52:36 3217408 ----a-w- C:\Windows\SysWow64\mstscax.dll
2013-04-12 11:52:36 158720 ----a-w- C:\Windows\System32\aaclient.dll
2013-04-12 11:52:36 131584 ----a-w- C:\Windows\SysWow64\aaclient.dll
2013-04-12 11:52:24 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys
2013-04-12 11:52:23 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-12 11:52:23 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-04-12 11:52:22 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll
2013-04-12 11:52:22 43520 ----a-w- C:\Windows\System32\csrsrv.dll
2013-04-12 11:52:22 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-04-12 11:52:22 112640 ----a-w- C:\Windows\System32\smss.exe
2013-04-12 11:36:50 -------- d-----w- C:\ProgramData\Creative Labs
2013-04-12 04:57:49 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\LolClient
2013-04-11 14:48:02 -------- d-----w- C:\Windows\en
2013-04-11 14:46:34 57856 ----a-w- C:\Windows\System32\drivers\fssfltr.sys
2013-04-11 14:45:57 19696 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-04-11 14:43:43 5659096 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b913f3a51ce36c206\skydrivesetup.exe
2013-04-11 14:43:43 -------- d-----w- C:\Program Files (x86)\Microsoft SkyDrive
2013-04-11 14:43:42 -------- d-----r- C:\Users\Brittney Boo Boo\SkyDrive
2013-04-11 14:43:37 -------- d-----w- C:\ProgramData\Microsoft SkyDrive
2013-04-11 14:41:59 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b7ce9da11ce36c205\DSETUP.dll
2013-04-11 14:41:59 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b7ce9da11ce36c205\DXSETUP.exe
2013-04-11 14:41:59 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b7ce9da11ce36c205\dsetup32.dll
2013-04-11 14:41:56 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b5cc848a1ce36c203\DSETUP.dll
2013-04-11 14:41:56 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b5cc848a1ce36c203\DXSETUP.exe
2013-04-11 14:41:56 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b5cc848a1ce36c203\dsetup32.dll
2013-04-11 14:41:51 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b4250fe71ce36c201\DSETUP.dll
2013-04-11 14:41:51 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b4250fe71ce36c201\DXSETUP.exe
2013-04-11 14:41:51 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\b4250fe71ce36c201\dsetup32.dll
2013-04-11 14:41:50 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Windows Live
2013-04-10 20:56:04 3717632 ----a-w- C:\Windows\System32\mstscax.dll
2013-04-10 20:56:02 44032 ----a-w- C:\Windows\System32\tsgqec.dll
2013-04-10 20:56:02 36864 ----a-w- C:\Windows\SysWow64\tsgqec.dll
2013-04-10 20:55:38 3153408 ----a-w- C:\Windows\System32\win32k.sys
2013-04-10 20:51:48 9311288 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-04-10 14:39:53 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Roaming\uTorrent
2013-04-09 07:21:12 -------- d-----w- C:\Users\Brittney Boo Boo\AppData\Local\Diagnostics
2013-04-09 01:38:14 154240 ----a-w- C:\Windows\AsPatch10430001.exe
2013-04-09 01:36:52 -------- d-----w- C:\Program Files\Fresco Logic
2013-04-09 01:35:40 -------- d-----w- C:\Program Files\Synaptics
2013-04-09 01:33:16 380 ----a-w- C:\Users\Brittney Boo Boo\AppData\Roaming\sp_data.sys
2013-04-09 01:28:27 196224 ----a-w- C:\Program Files\Windows Sidebar\Shared Gadgets\P4GUpdate.Gadget\P4GUpdate.dll
2013-04-09 01:28:25 -------- d-----w- C:\ProgramData\P4G
2013-04-09 01:27:02 2603864 ----a-w- C:\Windows\System32\WavesGUILib.dll
2013-04-09 01:27:00 823912 ----a-w- C:\Windows\System32\RtkApi64.dll
2013-04-09 01:27:00 4740456 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2013-04-09 01:27:00 3846248 ----a-w- C:\Windows\System32\RtkAPO64.dll
2013-04-09 01:27:00 331880 ----a-w- C:\Windows\System32\RtlCPAPI64.dll
2013-04-09 01:27:00 2652264 ----a-w- C:\Windows\System32\RtPgEx64.dll
2013-04-09 01:27:00 1560168 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2013-04-09 01:27:00 14952 ----a-w- C:\Windows\System32\RtkCoLDR64.dll
2013-04-09 01:26:59 1247848 ----a-w- C:\Windows\System32\RTCOM64.dll
2013-04-09 01:26:59 100968 ----a-w- C:\Windows\System32\RCoInstII64.dll
2013-04-09 01:26:58 958296 ----a-w- C:\Windows\System32\MaxxAudioAPOShell64.dll
2013-04-09 01:26:58 626264 ----a-w- C:\Windows\System32\MBTHX64.dll
2013-04-09 01:26:58 561752 ----a-w- C:\Windows\SysWow64\MBTHX32.dll
2013-04-09 01:26:58 2131288 ----a-w- C:\Windows\System32\MaxxAudioEQ.dll
2013-04-09 01:26:55 2528832 ----a-w- C:\Windows\System32\FMAPO64.dll
2013-04-09 01:19:12 -------- d-----w- C:\Windows\SysWow64\Wat
2013-04-09 01:19:12 -------- d-----w- C:\Windows\System32\Wat
2013-04-08 16:43:36 9728 ----a-w- C:\Windows\System32\Wdfres.dll
2013-04-08 16:43:36 785512 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys
2013-04-08 16:43:36 54376 ----a-w- C:\Windows\System32\drivers\WdfLdr.sys
2013-04-08 16:43:36 2560 ----a-w- C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2013-04-08 16:37:53 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-04-08 16:23:57 46080 ----a-w- C:\Windows\System32\atmlib.dll
2013-04-08 16:23:57 367616 ----a-w- C:\Windows\System32\atmfd.dll
2013-04-08 16:23:57 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2013-04-08 16:23:57 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2013-04-08 16:23:17 87040 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys
2013-04-08 16:23:17 84992 ----a-w- C:\Windows\System32\WUDFSvc.dll
2013-04-08 16:23:17 744448 ----a-w- C:\Windows\System32\WUDFx.dll
2013-04-08 16:23:17 45056 ----a-w- C:\Windows\System32\WUDFCoinstaller.dll
2013-04-08 16:23:17 229888 ----a-w- C:\Windows\System32\WUDFHost.exe
2013-04-08 16:23:17 198656 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys
2013-04-08 16:23:17 194048 ----a-w- C:\Windows\System32\WUDFPlatform.dll
2013-04-08 16:16:33 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-04-08 16:16:33 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2013-04-08 16:16:33 5120 ----a-w- C:\Windows\System32\wmi.dll
2013-04-08 16:16:3323408----a-w-C:\Windows\System32\drivers\fs_rec.sys
2013-04-08 16:16:33159232----a-w-C:\Windows\SysWow64\imagehlp.dll
2013-04-08 11:44:46--------d-----w-C:\ProgramData\YTD Video Downloader
2013-04-08 10:15:599216----a-w-C:\Windows\System32\rdrmemptylst.exe
2013-04-08 10:14:47498688----a-w-C:\Windows\System32\drivers\afd.sys
2013-04-08 10:13:59956928----a-w-C:\Windows\System32\localspl.dll
2013-04-08 05:59:22--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Apple Computer
2013-04-08 05:59:03--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-04-08 05:59:03--------d-----w-C:\Program Files\iTunes
2013-04-08 05:59:03--------d-----w-C:\Program Files\iPod
2013-04-08 05:59:03--------d-----w-C:\Program Files (x86)\iTunes
2013-04-08 05:19:1633240----a-w-C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-04-08 04:30:44--------d-----w-C:\ProgramData\Nexon
2013-04-08 04:07:49--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Apple
2013-04-08 04:07:13282744------w-C:\Windows\System32\MpSigStub.exe
2013-04-08 04:07:10--------d-----w-C:\Program Files (x86)\GreenTree Applications
2013-04-08 04:05:21--------d-----w-C:\Program Files\Bonjour
2013-04-08 04:05:21--------d-----w-C:\Program Files (x86)\Bonjour
2013-04-08 03:54:07--------d-----w-C:\Windows\SysWow64\directx
2013-04-08 03:52:02--------d-----w-C:\Program Files (x86)\MPC-HC
2013-04-08 03:47:50--------d-----r-C:\Program Files (x86)\Skype
2013-04-08 03:46:46--------d-----w-C:\eSupport
2013-04-08 03:45:24--------d-----w-C:\WIMAPPLY
2013-04-08 03:44:57--------d-----w-C:\ProgramData\Spybot - Search & Destroy
2013-04-08 03:44:5317272----a-w-C:\Windows\System32\sdnclean64.exe
2013-04-08 03:44:50--------d-----w-C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-08 03:44:23--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Programs
2013-04-08 03:44:15--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\AVG SafeGuard toolbar
2013-04-08 03:44:10--------d-----w-C:\ProgramData\AVG SafeGuard toolbar
2013-04-08 03:44:05--------d-----w-C:\Program Files (x86)\Common Files\Steam
2013-04-08 03:44:04--------d-----w-C:\Program Files (x86)\Steam
2013-04-08 03:44:0039768----a-w-C:\Windows\System32\drivers\avgtpx64.sys
2013-04-08 03:43:58--------d-----w-C:\Program Files (x86)\Common Files\AVG Secure Search
2013-04-08 03:43:57--------d-----w-C:\Program Files (x86)\AVG SafeGuard toolbar
2013-04-08 03:43:50--------d--h--w-C:\ProgramData\Common Files
2013-04-08 03:43:05--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\APN
2013-04-08 03:42:56--------d-----w-C:\ProgramData\Avira
2013-04-08 03:42:15--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Spotify
2013-04-08 03:40:29--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Google
2013-04-08 03:38:45--------d-----w-C:\Program Files\CCleaner
2013-04-08 03:38:26--------d-----w-C:\NVIDIA
2013-04-08 03:33:05826880----a-w-C:\Windows\SysWow64\rdpcore.dll
2013-04-08 03:33:0523552----a-w-C:\Windows\System32\drivers\tdtcp.sys
2013-04-08 03:33:051031680----a-w-C:\Windows\System32\rdpcore.dll
2013-04-08 03:31:14--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Apps
2013-04-08 03:31:13--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Deployment
2013-04-08 03:31:04--------d-----w-C:\Users\Brittney Boo Boo\AppData\Local\Power2Go
2013-04-08 03:30:0245056----a-w-C:\Windows\SysWow64\acovcnt.exe
2013-04-08 03:28:5536864----a-w-C:\Windows\System32\wuapp.exe
2013-04-08 03:28:55186752----a-w-C:\Windows\System32\wuwebv.dll
2013-04-08 03:13:05--------d--h--w-C:\ExpressGateUtil
2013-04-08 03:12:17--------d-----w-C:\ProgramData\Uninstall
2013-04-08 03:10:52--------d-----w-C:\ProgramData\USBChargerPlus
2013-04-08 03:09:1217152----a-w-C:\Windows\System32\drivers\AiCharger.sys
2013-04-08 03:09:0777824----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\ctor.dll
2013-04-08 03:09:0732768----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\objectps.dll
2013-04-08 03:09:07225280----a-w-C:\Program Files (x86)\Common Files\InstallShield\IScript\iscript.dll
2013-04-08 03:09:07176128----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\iuser.dll
2013-04-08 03:09:06614532----a-w-C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe
2013-04-08 03:09:05155648----a-w-C:\Windows\SysWow64\ACEngSvr.exe
2013-04-08 03:08:33--------d-----w-C:\ProgramData\ASUS
2013-04-08 03:08:32--------d-----w-C:\ProgramData\VirtualDesktop
2013-04-08 03:08:31--------d-----w-C:\Program Files\Asus
2013-04-08 03:04:34--------d-----w-C:\ProgramData\Roaming
2013-04-08 03:04:01--------d-----w-C:\Program Files\Common Files\Intel
2013-04-08 03:04:00--------d-----w-C:\Program Files (x86)\Cisco
2013-04-08 03:02:27--------d-----w-C:\Program Files\Fresco Logic Inc
2013-04-08 03:02:227367200----a-w-C:\Windows\SysWow64\RtsUVStoricon.dll
2013-04-08 03:02:22290920----a-w-C:\Windows\System32\drivers\rtsuvstor.sys
2013-04-08 03:02:2215464------w-C:\Windows\System32\drivers\diskperf64.sys
2013-04-08 02:58:44--------d-----w-C:\ProgramData\NVIDIA Corporation
2013-04-08 02:58:311359976----a-w-C:\Windows\System32\nvhdagenco642040.dll
2013-04-08 02:58:3067176----a-w-C:\Windows\System32\OpenCL.dll
2013-04-08 02:58:302864144----a-w-C:\Windows\System32\nvapi64.dll
2013-04-08 02:58:301617512----a-w-C:\Windows\System32\nvdispco6420120.dll
2013-04-08 02:58:3015508512----a-w-C:\Windows\System32\nvwgf2umx.dll
2013-04-08 02:58:301359976----a-w-C:\Windows\System32\nvgenco642040.dll
2013-04-08 02:58:3011240----a-w-C:\Windows\System32\drivers\nvBridge.kmd
2013-04-08 02:58:2957960----a-w-C:\Windows\SysWow64\OpenCL.dll
2013-04-08 02:58:25--------d-----w-C:\Program Files\NVIDIA Corporation
2013-04-08 02:57:288192----a-w-C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
2013-04-08 02:57:288192----a-w-C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-04-08 02:57:25--------d-----w-C:\Program Files (x86)\Common Files\postureAgent
2013-04-08 02:56:3256344----a-w-C:\Windows\System32\drivers\HECIx64.sys
2013-04-08 02:54:0153248----a-w-C:\Windows\SysWow64\CSVer.dll
2013-04-08 02:53:58--------d-----w-C:\Intel
2013-04-08 02:52:35180736----a-w-C:\Windows\System32\ifsutil.dll
2013-04-08 02:52:35148992----a-w-C:\Windows\SysWow64\ifsutil.dll
.
==================== Find3M ====================
.
.
============= FINISH: 13:13:31.59 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/7/2013 8:28:39 PM
System Uptime: 4/14/2013 1:06:08 PM (0 hours ago)
.
Motherboard: ASUSTeK Computer Inc. | | G74Sx
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz | CPU 1 | 2201/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 195 GiB total, 112.754 GiB free.
D: is FIXED (NTFS) - 233 GiB total, 141.324 GiB free.
E: is FIXED (NTFS) - 233 GiB total, 181.358 GiB free.
F: is FIXED (NTFS) - 245 GiB total, 197.383 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader X (10.1.0) MUI
Adobe Stock Photos 1.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
ASUS AI Recovery
ASUS FaceLogon
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Splendid Video Enhancement Technology
ASUS USB Charger Plus
ASUS Virtual Camera
AsusScr_G74 Series_ENG
AsusVibe2.0
ATK Package
AVG SafeGuard toolbar
Best Buy Connect
Best Buy pc app
Bitdefender Antivirus Free Edition
Bonjour
CCleaner
Comodo Dragon
COMODO Internet Security
CyberLink LabelPrint
CyberLink Power2Go
D3DX10
DirectX 9 Runtime
DragonNest
ExpressGateCloud
Fresco Logic USB3.0 Host Controller
GameFast.exe
GeekBuddy
Google Chrome
Google Update Helper
HitmanPro 3.7
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Turbo Boost Technology Monitor 2.0
Intel® PROSet/Wireless WiMAX Software
iTunes
Java 7 Update 17
Java Auto Updater
Junk Mail filter update
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010
Microsoft Silverlight
Microsoft SkyDrive
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MPC-HC 1.6.6.6957 (3975d54)
MSVCRT
MSVCRT_amd64
MSVCRT110
MSVCRT110_amd64
Nexon Game Manager
NVIDIA 3D Vision Driver 314.22
NVIDIA Control Panel 314.22
NVIDIA Graphics Driver 314.22
NVIDIA HD Audio Driver 1.3.23.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
Photo Common
Photo Gallery
RaidCall
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Reader Driver
Rotation Desktop for G Series.exe
Roxio AACS Certificate
Roxio CinePlayer
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Skype™ 6.3
Spotify
Spybot - Search & Destroy
Steam
SUPERAntiSpyware
Synaptics Pointing Device Driver
THX TruStudio
Trend Micro Titanium Internet Security
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Mail
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinFlash
WinRAR 4.20 (64-bit)
Wireless Console 3
YTD Video Downloader 4.0
.
==== Event Viewer Messages From Past Week ========
.
4/8/2013 6:25:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2797052).
4/8/2013 6:25:45 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80242016: Cumulative Security Update for Internet Explorer 9 for Windows 7 for x64-based Systems (KB2809289).
4/8/2013 12:46:16 AM, Error: Service Control Manager [7000] - The ATKWMIACPI Driver_ service failed to start due to the following error: The system cannot find the file specified.
4/7/2013 9:18:00 PM, Error: iaStor [9] - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
4/7/2013 8:46:27 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
4/7/2013 8:46:27 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
4/7/2013 8:42:02 PM, Error: Schannel [36887] - The following fatal alert was received: 51.
4/7/2013 10:59:32 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Apple Mobile Device service, but this action failed with the following error: An instance of the service is already running.
4/7/2013 10:58:32 PM, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/7/2013 10:54:29 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom
4/7/2013 10:19:49 PM, Error: Service Control Manager [7000] - The Apple Mobile Device service failed to start due to the following error: The application has failed to start because its side-by-side configuration is incorrect. Please see the application event log or use the command-line sxstrace.exe tool for more detail.
4/14/2013 7:44:10 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD
4/14/2013 7:42:14 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
4/14/2013 5:31:31 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for FailureActions with the following error: Access is denied.
4/14/2013 5:31:28 AM, Error: Service Control Manager [7000] - The bdfwfpf service failed to start due to the following error: The system cannot find the file specified.
4/12/2013 5:40:19 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied.
4/12/2013 5:09:50 AM, Error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Description with the following error: Access is denied.
.
==== End Of File ===========================
 

Lolitsbrittxp

Posts: 12   +0
Hello, thank you for responding so fast!
Here is mbam:

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.12.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
Brittney Boo Boo :: BRITTNEYBOOBOO [administrator]

Protection: Enabled

4/12/2013 5:01:58 AM
mbam-log-2013-04-12 (05-01-58).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233565
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

Broni

Posts: 55,924   +506
You're running two AV programs, TrendMicro and BitDefender.
You must uninstall one of them.
In addition...if you leave TrendMicro, it includes a firewall so you'll have to uninstall Comodo firewall.
In general you must end up with one AV and one firewall running.

Download RogueKiller to the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced; they will be in the MBAR folder: mbar-log-xxxxx.txt and system-log.txt
 

Lolitsbrittxp

Posts: 12   +0
Rogue
RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Brittney Boo Boo [Admin rights]
Mode : Scan -- Date : 04/14/2013 13:34:57
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 10 ¤¤¤
[TASK][SUSP PATH] ASUS Patch 10430001 : C:\Windows\AsPatch10430001.exe -e [7] -> FOUND
[STARTUP][SUSP PATH] Best Buy pc app.lnk @Default : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [7] -> FOUND
[STARTUP][SUSP PATH] Best Buy pc app.lnk @Default User : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [7] -> FOUND
[STARTUP][SUSP PATH] Best Buy pc app.lnk @UpdatusUser : C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe [7] -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{50E13D92-A992-4E23-A222-D9CC85354342} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
[DNS] HKLM\[...]\ControlSet001\Services\Tcpip\Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{50E13D92-A992-4E23-A222-D9CC85354342} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
[DNS] HKLM\[...]\ControlSet002\Services\Tcpip\Interfaces\{57B98A03-46F1-4E8C-BE51-964FD2B8A4C0} : NameServer (8.26.56.26,156.154.70.22) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

[...]
 

Lolitsbrittxp

Posts: 12   +0
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.05.0.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 10.0.9200.16540

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED
CPU speed: 2.195000 GHz
Memory total: 8565989376, free: 5416095744

------------ Kernel report ------------
04/14/2013 13:37:21
------------ Loaded modules -----------
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80078d6060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-2\
Lower Device Object: 0xfffffa8007209050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80077ff790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IAAStorageDevice-1\
Lower Device Object: 0xfffffa800720b050
Lower Device Driver Name: \Driver\iaStor\
Driver name found: iaStor
Downloaded database version: v2013.04.14.06
Downloaded database version: v2013.03.25.01
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80077ff790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80077ff250, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80077ff790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007203720, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800720b050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a0048df600, 0xfffffa80077ff790, 0xfffffa80109ca790
Lower DeviceData: 0xfffff8a003510700, 0xfffffa800720b050, 0xfffffa800ec62cf0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E3102A4B

Partition information:

Partition 0 type is Other (0x1c)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 52428800

Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 52430848 Numsec = 409686016
Partition file system is NTFS
Partition is bootable

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 462116864 Numsec = 514654208

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa80078d6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80078d6b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80078d6060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007207950, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8007209050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a00fa1e930, 0xfffffa80078d6060, 0xfffffa800ebfc090
Lower DeviceData: 0xfffff8a003a2c3e0, 0xfffffa8007209050, 0xfffffa800ec8c420
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: BBC58B91

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 488366080

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 488368128 Numsec = 488405040

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Performing system, memory and registry scan...
Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\Best Buy pc app Setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\Best Buy pc app Setup.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{8AE336A1-F82F-4ABF-A02A-B6ABA86CB4C5}\instance.dat" is compressed (flags = 1)
Done!
Scan finished
=======================================
 

Broni

Posts: 55,924   +506
I don't see anything malicious there.

In this forum, we make sure your computer is free of malware and your computer is clean :)
Because access to the malware forum is very limited, your best option is to create a new topic about your current issue in the Windows section.
You'll get more attention.