It looks like I may be infected with the following virus: Backdoor.Win32.ZAccess.oun / Backdoor Generic 15.AXLA. I believe it may be the reason why I cannot access any HTTPS site, especially Gmail.com. Google and other search engines force a redirect upon clicking any links. Any help is appreciated, thanks.
DDS:
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Robert at 6:24:24 on 2012-05-19
Microsoft Windows 7 Home Premium
6.1.7601.1.1252.1.1033.18.6135.3345 [GMT -4:00]
.
AV: Spyware Doctor with AntiVirus *Disabled/Updated* {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: AVG Anti-Virus *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Program Files (x86)\AVG\AVG9\avgchsva.exe
C:\Program Files (x86)\AVG\AVG9\avgrsa.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
C:\Windows\system32\crypserv.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k regsvc
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\StkCSrv.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\AVG\AVG9\avgemc.exe
C:\Program Files (x86)\AVG\AVG9\avgcsrvx.exe
C:\Program Files (x86)\AVG\AVG9\avgam.exe
C:\Program Files (x86)\AVG\AVG9\avgnsa.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\AVG\AVG9\avgcsrva.exe
C:\Windows\system32\taskhost.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files (x86)\AVG\AVG9\avgtray.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
c:\Program Files\Zune\ZuneNss.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\PC Tools\PC Tools Registry Mechanic\update.exe
C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\system32\taskhost.exe
C:\Users\Robert\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler.exe
C:\Users\Robert\AppData\Local\Google\Update\1.3.21.111\GoogleCrashHandler64.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_233_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Users\Robert\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\wbem\WmiApSrv.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\ping.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\DllHost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/ig
mStart Page = hxxp://www.google.com/ig
mWinlogon: Userinit=userinit.exe,
BHO: IE7Pro BHO: {00011268-e188-40df-a514-835fcd78b1bf} - C:\Program Files (x86)\IEPro\iepro.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [AdobeBridge]
uRun: [2B390E20C3C24B14098C7DEC978DB109F0CAB431._service_run] "C:\Users\Robert\AppData\Local\Google\Chrome\Application\chrome.exe" --type=service
mRun: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun: [<NO NAME>]
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce: [GrpConv] grpconv -o
StartupFolder: C:\Users\Robert\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_UNINS~1.LNK - C:\Users\Robert\AppData\Local\Temp\_uninst_57465452.bat
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - C:\Program Files (x86)\IEPro\iepro.dll
IE: {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - {B119EB0C-C021-46CF-85B0-34A760E0D5FE} - C:\Program Files (x86)\IEPro\iepro.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
LSP: mswsock.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: live.com\login
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: xbox.com\live
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDow ... l_bin/sysreqlab_nvd.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} - hxxp://support.dell.com/systemprofiler/ ... emLite.CAB
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.co ... lobal/bin/srldetect_intel_4.4.15.0.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/s ... swflash.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.co ... lobal/bin/srldetect_cyri_4.4.13.0.cab
TCP: Interfaces\{80E4F753-79B0-4371-8001-1B1210C94CD7} : NameServer = 208.59.247.45,208.59.247.46
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG9\avgpp.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
BHO-X64: IE7Pro BHO: {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files (x86)\IEPro\iepro.dll
BHO-X64: IE7Pro - No File
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: PC Tools Browser Guard BHO: {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
BHO-X64: Browser Defender BHO - No File
BHO-X64: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG9\avgssie.dll
BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\IEPro\IEProRecorder.dll
TB-X64: PC Tools Browser Guard: {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\Spyware Doctor\BDT\PCTBrowserDefender.dll
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [AVG9_TRAY] C:\PROGRA~2\AVG\AVG9\avgtray.exe
mRun-x64: [(Default)]
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
mRunOnce-x64: [GrpConv] grpconv -o
Hosts: 0.0.0.0 localhost
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Robert\AppData\Roaming\Mozilla\Firefox\Profiles\v6b6yo8x.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig?hl=en&source=iglk
FF - prefs.js: keyword.URL - hxxp://websearch.search-results.com/redirect?client=ff&src=kw&tb=GET-SRS&o=16705&locale=en_US&apn_uid=BC0166FB-FA88-43E0-A157-C5103FAB4F75&apn_ptnrs=2R&apn_sauid=EAA064AE-52B5-4D21-B0FD-F22481B464A2&apn_dtid=get001YYUS&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npContribute.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\Veetle\Player\npvlc.dll
FF - plugin: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\hanbitsoft\nphlauncher.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\Robert\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Robert\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_183.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false
============= SERVICES / DRIVERS ===============
.
R0 23019978;23019978;C:\Windows\system32\DRIVERS\23019978.sys --> C:\Windows\system32\DRIVERS\23019978.sys [?]
R0 AvgRkx64;avgrkx64.sys;C:\Windows\system32\Drivers\avgrkx64.sys --> C:\Windows\system32\Drivers\avgrkx64.sys [?]
R0 PCTCore;PCTools KDS;C:\Windows\system32\drivers\PCTCore64.sys --> C:\Windows\system32\drivers\PCTCore64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\Windows\system32\Drivers\PxHlpa64.sys --> C:\Windows\system32\Drivers\PxHlpa64.sys [?]
R1 AvgLdx64;AVG AVI Loader Driver x64;C:\Windows\system32\Drivers\avgldx64.sys --> C:\Windows\system32\Drivers\avgldx64.sys [?]
R1 AvgMfx64;AVG On-access Scanner Minifilter Driver x64;C:\Windows\system32\Drivers\avgmfx64.sys --> C:\Windows\system32\Drivers\avgmfx64.sys [?]
R1 AvgTdiA;AVG Network Redirector x64;C:\Windows\system32\Drivers\avgtdia.sys --> C:\Windows\system32\Drivers\avgtdia.sys [?]
R2 avg9emc;AVG E-mail Scanner;C:\Program Files (x86)\AVG\AVG9\avgemc.exe [2010-9-8 921952]
R2 avg9wd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG9\avgwdsvc.exe [2010-9-8 308136]
R2 BrcmMgmtAgent;Broadcom Management Agent;C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe [2009-4-17 147456]
R2 Browser Defender Update Service;Browser Defender Update Service;C:\Program Files (x86)\Spyware Doctor\BDT\BDTUpdateService.exe [2012-5-18 112592]
R2 cpuz134;cpuz134;\??\C:\Windows\system32\drivers\cpuz134_x64.sys --> C:\Windows\system32\drivers\cpuz134_x64.sys [?]
R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-3-4 652360]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2010-12-23 66560]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-12-17 793048]
R2 Sentinel64;Sentinel64;C:\Windows\system32\Drivers\Sentinel64.sys --> C:\Windows\system32\Drivers\Sentinel64.sys [?]
R2 StkSSrv;Syntek AVStream USB2.0 ATV Service;C:\Windows\System32\StkCSrv.exe --> C:\Windows\System32\StkCSrv.exe [?]
R2 TabletServiceWacom;TabletServiceWacom;C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe [2010-11-28 5716848]
R3 hcwhdpvr;Hauppauge HD PVR Capture Device;C:\Windows\system32\DRIVERS\hcwhdpvr.sys --> C:\Windows\system32\DRIVERS\hcwhdpvr.sys [?]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?]
RUnknown 7546750drv;7546750drv; [x]
RUnknown 77883618;77883618; [x]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-1-29 253088]
S3 BroadCamService;BroadCam Video Streaming Server;C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe [2010-11-22 1175556]
S3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2011-9-1 245760]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-12-11 136176]
S3 sdAuxService;PC Tools Auxiliary Service;C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe [2012-5-18 366840]
S3 sdCoreService;PC Tools Security Service;C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe [2012-5-18 1142224]
S3 StkCMini;Syntek AVStream USB2.0 ATV;C:\Windows\system32\Drivers\StkCMini.sys --> C:\Windows\system32\Drivers\StkCMini.sys [?]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\Windows\system32\DRIVERS\wacmoumonitor.sys --> C:\Windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-9-24 306416]
.
=============== Created Last 30 ================
.
2012-05-19 02:21:28 8955792 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
2012-05-18 23:13:21 767952 ----a-w- C:\Windows\BDTSupport.dll
2012-05-18 23:13:21 165840 ----a-w- C:\Windows\PCTBDRes.dll
2012-05-18 23:13:21 1652688 ----a-w- C:\Windows\PCTBDCore.dll
2012-05-18 23:13:21 149456 ----a-w- C:\Windows\SGDetectionTool.dll
2012-05-18 23:12:47 306648 ----a-w- C:\Windows\System32\drivers\pctgntdi64.sys
2012-05-18 23:12:47 133072 ----a-w- C:\Windows\System32\drivers\pctwfpfilter64.sys
2012-05-18 23:12:43 233488 ----a-w- C:\Windows\System32\drivers\PCTCore64.sys
2012-05-18 23:12:40 92896 ----a-w- C:\Windows\System32\drivers\pctplsg64.sys
2012-05-18 23:12:36 -------- d-----w- C:\Users\Robert\AppData\Roaming\PC Tools
2012-05-18 23:12:36 -------- d-----w- C:\Program Files (x86)\Spyware Doctor
2012-05-18 16:28:18 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-05-18 16:27:25 460888 ----a-w- C:\Windows\System32\drivers\23019978.sys
2012-05-18 06:46:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2012-05-15 22:15:02 -------- d-----w- C:\Program Files (x86)\Sonic The Hedgehog 4 - Episode 2
2012-05-15 20:25:31 -------- d-----w- C:\Program Files (x86)\Diablo III
2012-05-12 21:07:14 -------- d-----w- C:\ProgramData\3DMGAME
2012-05-12 19:27:15 -------- d-----w- C:\Program Files (x86)\Sid Meier's Civilization V
2012-05-12 00:13:17 -------- d-----w- C:\ProgramData\RELOADED
2012-05-10 23:08:21 1544704 ----a-w- C:\Windows\System32\DWrite.dll
2012-05-10 23:08:21 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll
2012-05-10 23:08:18 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe
2012-05-10 23:08:17 3146240 ----a-w- C:\Windows\System32\win32k.sys
2012-05-10 23:08:16 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2012-05-10 23:08:15 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2012-05-10 23:08:02 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys
2012-05-10 23:07:58 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2012-05-10 23:07:56 936960 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2012-05-10 23:07:56 1732096 ----a-w- C:\Program Files\Windows Journal\NBDoc.DLL
2012-05-10 23:07:56 1402880 ----a-w- C:\Program Files\Windows Journal\JNWDRV.dll
2012-05-10 23:07:56 1393664 ----a-w- C:\Program Files\Windows Journal\JNTFiltr.dll
2012-05-10 23:07:56 1367552 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ink\journal.dll
2012-05-03 16:34:51 -------- d-----w- C:\Program Files (x86)\The Walking Dead
2012-05-02 04:00:38 -------- d-----w- C:\ProgramData\CrypKey
2012-05-02 03:56:23 -------- d-----w- C:\Log
2012-05-02 03:54:57 28664 ----a-w- C:\Windows\System32\Ckldrv.sys
2012-05-02 03:54:57 27648 ----a-r- C:\Windows\Setup_ck.exe
2012-05-02 03:54:57 18432 ----a-w- C:\Windows\Setup_ck.dll
2012-05-02 03:54:57 165888 ----a-w- C:\Windows\Ckconfig.exe
2012-05-02 03:54:57 122880 ----a-w- C:\Windows\System32\Crypserv.exe
2012-05-02 03:54:57 11776 ----a-w- C:\Windows\Ckrfresh.exe
2012-05-02 03:54:51 -------- d-----w- C:\Program Files (x86)\Stellar Phoenix NTFS Data Recovery
2012-05-02 03:40:17 -------- d-----w- C:\Users\Robert\AppData\Local\APN
2012-05-01 20:38:51 -------- d-----w- C:\ProgramData\Cached Installations
2012-04-29 18:01:05 -------- d-----w- C:\Users\Robert\AppData\Local\Risen2
2012-04-29 11:41:35 -------- d-----w- C:\Users\Robert\AppData\Local\DDMSettings
2012-04-29 10:55:36 -------- d-----w- C:\Program Files (x86)\Deep Silver
2012-04-20 19:11:54 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll
2012-04-20 19:11:54 592824 ----a-w- C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
2012-04-20 19:11:54 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll
2012-04-20 19:11:54 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll
2012-04-20 19:11:54 44472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
2012-04-19 22:33:41 393216 ----a-w- C:\Windows\SysWow64\MSLUP60.dll
2012-04-19 22:33:40 256768 ----a-w- C:\Windows\SysWow64\MSLURT.dll
2012-04-19 22:33:40 245408 ----a-w- C:\Windows\SysWow64\unicows.dll
2012-04-19 22:31:56 189952 ----a-w- C:\Windows\System32\drivers\hcwhdpvr.sys
.
==================== Find3M ====================
.
2012-04-18 23:40:05 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-04-18 23:40:05 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2012-04-12 05:18:27 269712 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-04-12 05:18:27 269712 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-04-06 00:24:21 269712 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-03-16 23:43:51 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2012-03-08 03:20:06 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2012-03-08 01:42:37 384 ----a-w- C:\Windows\SysWow64\checkOS.bat
2012-03-01 06:46:16 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys
2012-03-01 06:38:27 220672 ----a-w- C:\Windows\System32\wintrust.dll
2012-03-01 06:33:50 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2012-03-01 06:28:47 5120 ----a-w- C:\Windows\System32\wmi.dll
2012-03-01 05:37:41 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll
2012-03-01 05:33:23 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2012-03-01 05:29:16 5120 ----a-w- C:\Windows\SysWow64\wmi.dll
2012-03-01 03:41:04 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2012-02-29 13:38:00 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr (1).exe
2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll
2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll
2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl
2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll
2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll
2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2012-02-23 14:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe
.
============= FINISH: 6:25:42.20 ===============