Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

I think I'm infected

Post by gaspardos » August 30th, 2014, 6:53 am

Here is the dds log as requested

gaspardos
Active Member
 
Posts: 1
Joined: August 30th, 2014, 6:46 am
Re: I think I'm infected

Post by Gary R » August 31st, 2014, 9:00 am

By posting just the DDS logs without any supporting symptoms or explanation it is likely that your log will be passed by and you will not receive the help you're looking for.

May I bring your attention to THIS topic which you should have read before posting for help. Specifically THIS section, which tells you what information we require before we can help you and why we need it.

THIS TOPIC IS NOW CLOSED

If you still need help please start a new topic with the information and logs described in the topics I have linked to.
Gary R
Administrator
 
Posts: 21871
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

