I got this alert from AVG Antivirus after running a whole computer scan. It looks more serious than anything I have ever come across.
Here are the logs. I appreciate any help. Thanks.
Malwarebytes Anti-Malware (Trial) 1.61.0.1400
www.malwarebytes.org
Database version: v2012.06.12.09
Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19272
Vittorio :: VITTORIO-PC [administrator]
Protection: Enabled
6/13/2012 5:14:28 PM
mbam-log-2012-06-13 (17-14-28).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224620
Time elapsed: 3 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
NO GMER LOG
"GMER hasn't found any system modification. "
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.6001.19272 BrowserJavaVersion: 1.6.0_30
Run by Vittorio at 17:43:58 on 2012-06-13
.
============== Running Processes ===============
.
C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Nuance\PDF Professional 6\PDFProFiltSrv.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe
C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Intuit\QuickBooks 2011\QBW32.EXE
C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
C:\Program Files (x86)\Nuance\PDF Professional 6\PdfPro6Hook.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Users\Vittorio\Desktop\cyhex6kh.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Vittorio\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
mWinlogon: Userinit=userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: ZeonIEEventHelper Class: {da986d7d-ccaf-47b2-84fe-bfa1549bebf9} - C:\Program Files (x86)\Nuance\PDF Professional 6\bin\ZeonIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: Nuance PDF: {e3286bf1-e654-42ff-b4a6-5e111731df6b} - C:\Program Files (x86)\Nuance\PDF Professional 6\bin\ZeonIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Syncplicity] C:\Program Files\Syncplicity\Syncplicity.exe
uRun: [Google Update] "C:\Users\Vittorio\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
mRun: [SiteAdvisor] "C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe"
mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun: [PDFHook] C:\Program Files (x86)\Nuance\PDF Professional 6\pdfpro6hook.exe
mRun: [PDF6 Registry Controller] C:\Program Files (x86)\Nuance\PDF Professional 6\RegistryController.exe
mRun: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube to MP3 Converter - C:\Users\Vittorio\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Open with Nuance PDF Converter 6.0 - C:\Program Files (x86)\Nuance\PDF Professional 6\cnvres_eng.dll /100
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: %SYSTEMROOT%\system32\nvLsp.dll
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{A377890D-A22F-4E59-AD4D-0319B33E1ED3} : DhcpNameServer = 192.168.1.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - C:\Program Files (x86)\Intuit\QuickBooks 2011\HelpAsyncPluggableProtocol.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll
BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-X64: 0x1 - No File
BHO-X64: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
BHO-X64: AVG Do Not Track: {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
BHO-X64: AVG Do Not Track - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: ZeonIEEventHelper Class: {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files (x86)\Nuance\PDF Professional 6\bin\ZeonIEFavClient.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB-X64: Acer eDataSecurity Management: {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: Nuance PDF: {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files (x86)\Nuance\PDF Professional 6\bin\ZeonIEFavClient.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
mRun-x64: [SiteAdvisor] "C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.exe"
mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
mRun-x64: [PDFHook] C:\Program Files (x86)\Nuance\PDF Professional 6\pdfpro6hook.exe
mRun-x64: [PDF6 Registry Controller] C:\Program Files (x86)\Nuance\PDF Professional 6\RegistryController.exe
mRun-x64: [Intuit SyncManager] C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vittorio\AppData\Roaming\Mozilla\Firefox\Profiles\9tn0evzh.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com/ig
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Professional 6\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Professional 6\Bin\nppdf.dll
FF - plugin: C:\Users\Vittorio\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service
R? PerfHost;Performance Counter DLL Host
R? Sfltmglitoup;Sfltmglitoup
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
R? WSVD;WSVD
R? XG762_VS;ZyXEL 802.11g XG762 1211 Vista Driver
S? athrusb;Atheros Wireless LAN USB device driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSHA;AVGIDSHA
S? Avgldx64;AVG AVI Loader Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BUNAgentSvc;NTI Backup Now 5 Agent Service
S? dtsoftbus01;DAEMON Tools Virtual Bus Driver
S? ETService;Empowering Technology Service
S? FontCache;Windows Font Cache Service
S? Lbd;Lbd
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service
S? NTIBackupSvc;NTI Backup Now 5 Backup Service
S? NTISchedulerSvc;NTI Backup Now 5 Scheduler Service
S? NVHDA;Service for NVIDIA High Definition Audio Driver
S? nvUpdatusService;NVIDIA Update Service Daemon
S? PDFProFiltSrv;PDFProFiltSrv
S? QBVSS;QBIDPService
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-06-13 03:51:20 -------- d-----w- C:\Users\Vittorio\AppData\Roaming\Malwarebytes
2012-06-13 03:50:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-13 03:50:58 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-13 03:50:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-13 02:08:27 -------- d-----w- C:\Users\Vittorio\AppData\Roaming\Ad-Aware Antivirus
2012-06-05 01:16:48 -------- d-----w- C:\ProgramData\IObit
2012-05-16 01:44:26 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2012-06-13 02:25:10 58957832 ----a-w- C:\Windows\System32\mrt.exe
2012-05-15 20:15:08 2767360 ----a-w- C:\Windows\System32\win32k.sys
2012-05-15 06:37:49 916992 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-15 06:37:29 1212416 ----a-w- C:\Windows\SysWow64\urlmon.dll
2012-05-15 06:37:28 105984 ----a-w- C:\Windows\SysWow64\url.dll
2012-05-15 06:35:37 206848 ----a-w- C:\Windows\SysWow64\occache.dll
2012-05-15 06:33:44 611840 ----a-w- C:\Windows\SysWow64\mstime.dll
2012-05-15 06:33:11 67072 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2012-05-15 06:33:11 6007808 ----a-w- C:\Windows\SysWow64\mshtml.dll
2012-05-15 06:33:07 629760 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2012-05-15 06:33:07 55296 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2012-05-15 06:32:25 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-05-15 06:32:10 25600 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2012-05-15 06:32:00 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-15 06:31:44 164352 ----a-w- C:\Windows\SysWow64\ieui.dll
2012-05-15 06:31:44 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-05-15 06:31:43 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-05-15 06:31:43 2000384 ----a-w- C:\Windows\SysWow64\iertutil.dll
2012-05-15 06:31:42 55808 ----a-w- C:\Windows\SysWow64\iernonce.dll
2012-05-15 06:31:42 184320 ----a-w- C:\Windows\SysWow64\iepeers.dll
2012-05-15 06:31:42 11111424 ----a-w- C:\Windows\SysWow64\ieframe.dll
2012-05-15 06:31:38 387584 ----a-w- C:\Windows\SysWow64\iedkcs32.dll
2012-05-15 05:01:56 385024 ----a-w- C:\Windows\SysWow64\html.iec
2012-05-15 03:26:05 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-15 03:25:37 174080 ----a-w- C:\Windows\SysWow64\ie4uinit.exe
2012-05-15 03:24:09 13312 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2012-05-15 03:23:41 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 02:19:57 1147392 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 02:19:43 1488384 ----a-w- C:\Windows\System32\urlmon.dll
2012-05-15 02:19:43 108032 ----a-w- C:\Windows\System32\url.dll
2012-05-15 02:18:19 243712 ----a-w- C:\Windows\System32\occache.dll
2012-05-15 02:16:23 1062912 ----a-w- C:\Windows\System32\mstime.dll
2012-05-15 02:15:51 98304 ----a-w- C:\Windows\System32\mshtmled.dll
2012-05-15 02:15:51 9328640 ----a-w- C:\Windows\System32\mshtml.dll
2012-05-15 02:15:47 742912 ----a-w- C:\Windows\System32\msfeeds.dll
2012-05-15 02:15:47 71680 ----a-w- C:\Windows\System32\msfeedsbs.dll
2012-05-15 02:15:14 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2012-05-15 02:15:01 31744 ----a-w- C:\Windows\System32\jsproxy.dll
2012-05-15 02:14:53 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-15 02:14:26 77312 ----a-w- C:\Windows\System32\iesetup.dll
2012-05-15 02:14:26 2350592 ----a-w- C:\Windows\System32\iertutil.dll
2012-05-15 02:14:26 219136 ----a-w- C:\Windows\System32\ieui.dll
2012-05-15 02:14:26 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2012-05-15 02:14:24 72192 ----a-w- C:\Windows\System32\iernonce.dll
2012-05-15 02:14:23 252416 ----a-w- C:\Windows\System32\iepeers.dll
2012-05-15 02:14:23 12508672 ----a-w- C:\Windows\System32\ieframe.dll
2012-05-15 02:14:12 459776 ----a-w- C:\Windows\System32\iedkcs32.dll
2012-05-15 01:21:55 479232 ----a-w- C:\Windows\System32\html.iec
2012-05-15 00:40:32 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-15 00:40:10 70656 ----a-w- C:\Windows\System32\ie4uinit.exe
2012-05-15 00:39:38 12288 ----a-w- C:\Windows\System32\msfeedssync.exe
2012-05-15 00:39:13 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-01 14:29:44 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-19 08:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-30 12:45:03 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-20 23:34:30 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-19 09:17:26 383808 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
.
============= FINISH: 17:45:13.28 ===============
.
==== Installed Programs ======================
.
Acer Assist
Acer eDataSecurity Management
Acer Empowering Technology
Acer eRecovery Management
Acer Registration
Acer ScreenSaver
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe Flash Player 11 ActiveX
Adobe Illustrator 10
Adobe Photoshop CS
Adobe Reader 8.3.1
Adobe SVG Viewer 3.0
Alice Greenfingers
Azada
Backspin Billiards
Big Kahuna Reef
Bookworm Deluxe
Bricks of Egypt
Cake Mania
Canon MF Toolbox 4.9.1.1.mf12
Chicken Invaders 3
Chuzzle
Core FTP LE
Coupon Printer for Windows
DAEMON Tools Lite
Diner Dash Flo on the Go
eSobi v2
Flip Words 2
Free YouTube to MP3 Converter version 3.10.11.923
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java(TM) 6 Update 30
Jewel Quest Solitaire
Kick N Rush
LightScribe 1.4.142.1
Mahjong Escape Ancient China
Mahjongg Artifacts
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee SiteAdvisor
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Mozilla Firefox 9.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Music Manager
Mystery Case Files - Huntsville
Mystery Solitaire - Secret Island
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA ForceWare Network Access Manager
OpenOffice.org 3.3
PandoraRecovery (Remove Only)
Photo-Objects 50,000 Premium Image Collection
Picasa 3
QuickBooks
QuickBooks Pro 2011
Realtek High Definition Audio Driver
Scansoft PDF Professional
Scribus 1.4.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
SugarSync Manager
Tax Forms Helper 2011 10.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
Visual Studio 2008 x64 Redistributables
WinSCP 4.3.5
Zuma Deluxe
.
==== End Of File ===========================
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Vittorio\AppData\Roaming\Mozilla\Firefox\Profiles\9tn0evzh.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - google.com/ig
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Professional 6\bin\nppdf.dll
FF - plugin: C:\Program Files (x86)\Nuance\PDF Professional 6\Bin\nppdf.dll
FF - plugin: C:\Users\Vittorio\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R? AVGIDSAgent;AVGIDSAgent
R? clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64
R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
R? clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64
R? gupdate;Google Update Service (gupdate)
R? gupdatem;Google Update Service (gupdatem)
R? Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service
R? PerfHost;Performance Counter DLL Host
R? Sfltmglitoup;Sfltmglitoup
R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
R? WSVD;WSVD
R? XG762_VS;ZyXEL 802.11g XG762 1211 Vista Driver
S? athrusb;Atheros Wireless LAN USB device driver
S? AVGIDSDriver;AVGIDSDriver
S? AVGIDSFilter;AVGIDSFilter
S? AVGIDSHA;AVGIDSHA
S? Avgldx64;AVG AVI Loader Driver
S? Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield
S? Avgrkx64;AVG Anti-Rootkit Driver
S? Avgtdia;AVG TDI Driver
S? avgwd;AVG WatchDog
S? BUNAgentSvc;NTI Backup Now 5 Agent Service
S? dtsoftbus01;DAEMON Tools Virtual Bus Driver
S? ETService;Empowering Technology Service
S? FontCache;Windows Font Cache Service
S? Lbd;Lbd
S? MBAMProtector;MBAMProtector
S? MBAMService;MBAMService
S? McAfee SiteAdvisor Service;McAfee SiteAdvisor Service
S? NTIBackupSvc;NTI Backup Now 5 Backup Service
S? NTISchedulerSvc;NTI Backup Now 5 Scheduler Service
S? NVHDA;Service for NVIDIA High Definition Audio Driver
S? nvUpdatusService;NVIDIA Update Service Daemon
S? PDFProFiltSrv;PDFProFiltSrv
S? QBVSS;QBIDPService
.
=============== File Associations ===============
.
inffile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
inifile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
VBSFile=%SystemRoot%\SysWow64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
2012-06-13 03:51:20 -------- d-----w- C:\Users\Vittorio\AppData\Roaming\Malwarebytes
2012-06-13 03:50:58 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-06-13 03:50:58 -------- d-----w- C:\ProgramData\Malwarebytes
2012-06-13 03:50:58 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-13 02:08:27 -------- d-----w- C:\Users\Vittorio\AppData\Roaming\Ad-Aware Antivirus
2012-06-05 01:16:48 -------- d-----w- C:\ProgramData\IObit
2012-05-16 01:44:26 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
.
==================== Find3M ====================
.
2012-06-13 02:25:10 58957832 ----a-w- C:\Windows\System32\mrt.exe
2012-05-15 20:15:08 2767360 ----a-w- C:\Windows\System32\win32k.sys
2012-05-15 06:37:49 916992 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-05-15 06:37:29 1212416 ----a-w- C:\Windows\SysWow64\urlmon.dll
2012-05-15 06:37:28 105984 ----a-w- C:\Windows\SysWow64\url.dll
2012-05-15 06:35:37 206848 ----a-w- C:\Windows\SysWow64\occache.dll
2012-05-15 06:33:44 611840 ----a-w- C:\Windows\SysWow64\mstime.dll
2012-05-15 06:33:11 67072 ----a-w- C:\Windows\SysWow64\mshtmled.dll
2012-05-15 06:33:11 6007808 ----a-w- C:\Windows\SysWow64\mshtml.dll
2012-05-15 06:33:07 629760 ----a-w- C:\Windows\SysWow64\msfeeds.dll
2012-05-15 06:33:07 55296 ----a-w- C:\Windows\SysWow64\msfeedsbs.dll
2012-05-15 06:32:25 43520 ----a-w- C:\Windows\SysWow64\licmgr10.dll
2012-05-15 06:32:10 25600 ----a-w- C:\Windows\SysWow64\jsproxy.dll
2012-05-15 06:32:00 1469440 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-05-15 06:31:44 164352 ----a-w- C:\Windows\SysWow64\ieui.dll
2012-05-15 06:31:44 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2012-05-15 06:31:43 71680 ----a-w- C:\Windows\SysWow64\iesetup.dll
2012-05-15 06:31:43 2000384 ----a-w- C:\Windows\SysWow64\iertutil.dll
2012-05-15 06:31:42 55808 ----a-w- C:\Windows\SysWow64\iernonce.dll
2012-05-15 06:31:42 184320 ----a-w- C:\Windows\SysWow64\iepeers.dll
2012-05-15 06:31:42 11111424 ----a-w- C:\Windows\SysWow64\ieframe.dll
2012-05-15 06:31:38 387584 ----a-w- C:\Windows\SysWow64\iedkcs32.dll
2012-05-15 05:01:56 385024 ----a-w- C:\Windows\SysWow64\html.iec
2012-05-15 03:26:05 133632 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2012-05-15 03:25:37 174080 ----a-w- C:\Windows\SysWow64\ie4uinit.exe
2012-05-15 03:24:09 13312 ----a-w- C:\Windows\SysWow64\msfeedssync.exe
2012-05-15 03:23:41 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-05-15 02:19:57 1147392 ----a-w- C:\Windows\System32\wininet.dll
2012-05-15 02:19:43 1488384 ----a-w- C:\Windows\System32\urlmon.dll
2012-05-15 02:19:43 108032 ----a-w- C:\Windows\System32\url.dll
2012-05-15 02:18:19 243712 ----a-w- C:\Windows\System32\occache.dll
2012-05-15 02:16:23 1062912 ----a-w- C:\Windows\System32\mstime.dll
2012-05-15 02:15:51 98304 ----a-w- C:\Windows\System32\mshtmled.dll
2012-05-15 02:15:51 9328640 ----a-w- C:\Windows\System32\mshtml.dll
2012-05-15 02:15:47 742912 ----a-w- C:\Windows\System32\msfeeds.dll
2012-05-15 02:15:47 71680 ----a-w- C:\Windows\System32\msfeedsbs.dll
2012-05-15 02:15:14 56832 ----a-w- C:\Windows\System32\licmgr10.dll
2012-05-15 02:15:01 31744 ----a-w- C:\Windows\System32\jsproxy.dll
2012-05-15 02:14:53 1538560 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-05-15 02:14:26 77312 ----a-w- C:\Windows\System32\iesetup.dll
2012-05-15 02:14:26 2350592 ----a-w- C:\Windows\System32\iertutil.dll
2012-05-15 02:14:26 219136 ----a-w- C:\Windows\System32\ieui.dll
2012-05-15 02:14:26 132096 ----a-w- C:\Windows\System32\iesysprep.dll
2012-05-15 02:14:24 72192 ----a-w- C:\Windows\System32\iernonce.dll
2012-05-15 02:14:23 252416 ----a-w- C:\Windows\System32\iepeers.dll
2012-05-15 02:14:23 12508672 ----a-w- C:\Windows\System32\ieframe.dll
2012-05-15 02:14:12 459776 ----a-w- C:\Windows\System32\iedkcs32.dll
2012-05-15 01:21:55 479232 ----a-w- C:\Windows\System32\html.iec
2012-05-15 00:40:32 162816 ----a-w- C:\Windows\System32\ieUnatt.exe
2012-05-15 00:40:10 70656 ----a-w- C:\Windows\System32\ie4uinit.exe
2012-05-15 00:39:38 12288 ----a-w- C:\Windows\System32\msfeedssync.exe
2012-05-15 00:39:13 1638912 ----a-w- C:\Windows\System32\mshtml.tlb
2012-05-01 14:29:44 209920 ----a-w- C:\Windows\System32\drivers\rdpwd.sys
2012-04-19 08:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
2012-04-04 19:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-03-30 12:45:03 1423744 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-03-20 23:34:30 72576 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-03-19 09:17:26 383808 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
.
============= FINISH: 17:45:13.28 ===============
.
==== Installed Programs ======================
.
Acer Assist
Acer eDataSecurity Management
Acer Empowering Technology
Acer eRecovery Management
Acer Registration
Acer ScreenSaver
Activation Assistant for the 2007 Microsoft Office suites
Ad-Aware
Adobe Flash Player 11 ActiveX
Adobe Illustrator 10
Adobe Photoshop CS
Adobe Reader 8.3.1
Adobe SVG Viewer 3.0
Alice Greenfingers
Azada
Backspin Billiards
Big Kahuna Reef
Bookworm Deluxe
Bricks of Egypt
Cake Mania
Canon MF Toolbox 4.9.1.1.mf12
Chicken Invaders 3
Chuzzle
Core FTP LE
Coupon Printer for Windows
DAEMON Tools Lite
Diner Dash Flo on the Go
eSobi v2
Flip Words 2
Free YouTube to MP3 Converter version 3.10.11.923
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Java(TM) 6 Update 30
Jewel Quest Solitaire
Kick N Rush
LightScribe 1.4.142.1
Mahjong Escape Ancient China
Mahjongg Artifacts
Malwarebytes Anti-Malware version 1.61.0.1400
McAfee SiteAdvisor
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office Excel MUI (English) 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual Studio 2005 Tools for Office Runtime
Microsoft Works
Mozilla Firefox 9.0.1 (x86 en-US)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 Parser and SDK
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB973685)
Music Manager
Mystery Case Files - Huntsville
Mystery Solitaire - Secret Island
NTI Backup Now 5
NTI Backup Now Standard
NTI Media Maker 8
NVIDIA ForceWare Network Access Manager
OpenOffice.org 3.3
PandoraRecovery (Remove Only)
Photo-Objects 50,000 Premium Image Collection
Picasa 3
QuickBooks
QuickBooks Pro 2011
Realtek High Definition Audio Driver
Scansoft PDF Professional
Scribus 1.4.0
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
SugarSync Manager
Tax Forms Helper 2011 10.0
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Office 2007 (KB934528)
Update for Office System 2007 Setup (KB929722)
Visual Studio 2008 x64 Redistributables
WinSCP 4.3.5
Zuma Deluxe
.
==== End Of File ===========================