04-Jun-2012, 05:06 PM
Some Sort of Trojan?

Well, here's my explanation of what's going on. I usually use Google Chrome as my default browser, and last night it started giving me a weird certificate error for every single site I regularly visit, like Facebook and Twitter (I attached a jpg to show what it looks like). I figured this was the sign of a virus or something, so I ran AVG Free 2012 and Malwarebytes as well. AVG came up first with 2 instances of a virus titled Trojan Horse Generic_r.AWX in my Google Chrome.exe and it was unable to remove both of them. Malwarebytes detected the same thing. A different website suggested deleting malicious files in my registry, so I did, and now the virus is a Trojan of a different name. It seems to be jumping around all my different web browsers and the count is increasing. AVG also started detecting different Trojans in Windows files. Chrome doesn't open a variety of sites now, Firefox is so slow I can barely run it, and AVG is detecting the virus in my Internet Explorer files. I am unable to remove these on my own. Below are my HijackThis log and DDS reports. Thank you so much for your time.
d-----w- C:\Users\Animestar\AppData\Local\{9E8C5416-E375-4FD9-B2C0-C0D03FCD84A5} 2012-05-29 15:06:18 -------- d-----w- C:\Users\Animestar\AppData\Local\{9DDD717E-585D-4B78-AD71-FBFE37657790} 2012-05-29 15:06:06 -------- d-----w- C:\Users\Animestar\AppData\Local\{8C8C5048-5E4F-443D-AFFC-EF359B9A3444} 2012-05-28 15:18:41 -------- d-----w- C:\Users\Animestar\AppData\Local\{D1DE14E9-64C5-48B4-89AC-9F1C7036AA63} 2012-05-28 15:18:35 -------- d-----w- C:\Users\Animestar\AppData\Local\{E1CE6D14-650E-449C-97BC-E63E0B670436} 2012-05-28 15:18:25 -------- d-----w- C:\Users\Animestar\AppData\Local\{FE33FC83-CD0A-486B-91F1-34543CA83AC7} 2012-05-28 15:18:14 -------- d-----w- C:\Users\Animestar\AppData\Local\{D2A4807E-9780-4A40-BA34-24CB472F2BBF} 2012-05-27 15:34:09 -------- d-----w- C:\Users\Animestar\AppData\Local\{E6325BAD-58DB-47D3-A63F-F0E6B186C547} 2012-05-27 15:33:58 -------- d-----w- C:\Users\Animestar\AppData\Local\{D1921E99-3661-4743-BE4C-C8F44F6D9A7F} 2012-05-27 03:01:51 -------- d-----w- C:\Users\Animestar\AppData\Local\{2D6903BF-5ACC-481B-BFC8-B243161AD9D7} 2012-05-27 03:01:40 -------- d-----w- C:\Users\Animestar\AppData\Local\{6F4010ED-8003-48B9-ABD6-56B631E37162} 2012-05-27 02:45:59 -------- d-----w- C:\Users\Animestar\AppData\Local\{F9525044-A8D7-473C-97B1-0065FB7AAF7D} 2012-05-26 14:04:45 -------- d-----w- C:\Users\Animestar\AppData\Local\{8D0695C3-14C6-4283-9322-38FFD8F1D418} 2012-05-26 14:04:34 -------- d-----w- C:\Users\Animestar\AppData\Local\{376A503F-B7CC-4133-BABA-30684BB94E61} 2012-05-26 13:57:43 -------- d-----w- C:\Users\Animestar\AppData\Local\{7ADA529C-08AA-447A-BCA2-1327EB8BE44B} 2012-05-25 15:14:52 -------- d-----w- C:\Users\Animestar\AppData\Local\{55B95A73-C70D-4E51-9F61-9552F6835B98} 2012-05-25 15:14:41 -------- d-----w- C:\Users\Animestar\AppData\Local\{D489A9FF-AF30-4ABF-ADE7-4C29DC2B600B} 2012-05-24 15:27:23 -------- d-----w- C:\Users\Animestar\AppData\Local\{BBA0FB7F-E224-4DC5-915D-A30401CC55A3} 2012-05-24 15:27:12 -------- d-----w- 
C:\Users\Animestar\AppData\Local\{6D357BD4-1A64-44AC-A0D7-AC1353A41BF4} 2012-05-24 15:27:02 -------- d-----w- C:\Users\Animestar\AppData\Local\{D8776B15-D8BE-486E-BE44-0B3E3B7CC557} 2012-05-24 15:03:44 -------- d-----w- C:\Users\Animestar\AppData\Local\{97836BCE-4527-4F1E-ADCC-66C6137558F9} 2012-05-23 20:24:51 -------- d-----w- C:\Users\Animestar\AppData\Local\{FF22997A-884B-4877-AC2E-32D686A7C17C} 2012-05-23 20:24:40 -------- d-----w- C:\Users\Animestar\AppData\Local\{510F76B6-320B-427C-9207-9196F2D82891} 2012-05-23 20:24:10 -------- d-----w- C:\Users\Animestar\AppData\Local\{C7F1B7D5-BEEB-42BE-976B-3321B2B8D8A4} 2012-05-23 20:23:58 -------- d-----w- C:\Users\Animestar\AppData\Local\{15F92DC1-D46B-4DE8-8F25-0A2E4D9AA288} 2012-05-23 17:32:54 -------- d-----w- C:\Users\Animestar\AppData\Local\{CA7D7810-CF84-4452-9EF3-86BD126C5899} 2012-05-23 14:32:51 -------- d-----w- C:\Users\Animestar\AppData\Local\{56AF8972-4AC4-4458-9FC7-77EF2CA3CE33} 2012-05-22 15:25:52 -------- d-----w- C:\Users\Animestar\AppData\Local\{E8C41D1E-E324-4804-BDB8-2FA703C2FD79} 2012-05-22 15:25:41 -------- d-----w- C:\Users\Animestar\AppData\Local\{CCCF5BEB-12C8-4B3F-B347-6BFAB0A16C5E} 2012-05-21 15:11:55 -------- d-----w- C:\Users\Animestar\AppData\Local\{3E737CE9-1110-4CD6-95FA-F4F27E8BB2D1} 2012-05-21 15:11:44 -------- d-----w- C:\Users\Animestar\AppData\Local\{E999D35F-633B-4215-A3CC-E7162B5EC31F} 2012-05-20 15:33:34 -------- d-----w- C:\Users\Animestar\AppData\Local\{593DD3C1-7AE1-4F09-9CE0-32F18B87080B} 2012-05-20 15:33:23 -------- d-----w- C:\Users\Animestar\AppData\Local\{050F164C-1EB1-4B3C-B519-432B19E2F97A} 2012-05-20 00:36:03 -------- d-----w- C:\Users\Animestar\AppData\Local\CRE 2012-05-20 00:36:01 -------- d-----w- C:\Program Files (x86)\Conduit 2012-05-20 00:36:00 -------- d-----w- C:\Users\Animestar\AppData\Local\Conduit 2012-05-19 20:12:33 -------- d-----w- C:\Users\Animestar\AppData\Local\{20FC64E5-A123-4814-9C6B-3ABF8E1B4F8C} 2012-05-19 20:12:22 -------- d-----w- 
C:\Users\Animestar\AppData\Local\{2FC0320F-6D85-43C3-BFE2-0C7A4E4104DC} 2012-05-19 05:17:59 -------- d-----w- C:\Users\Animestar\AppData\Local\{7CEE7D17-3616-4C31-B2C3-67D82FC3451F} 2012-05-19 05:17:48 -------- d-----w- C:\Users\Animestar\AppData\Local\{162EAB2E-7E83-45B2-981A-8F9B0611FC59} 2012-05-19 04:50:23 -------- d-----w- C:\Users\Animestar\AppData\Local\{2947FE1C-004C-4492-8D96-6EF157524E0E} 2012-05-19 04:50:12 -------- d-----w- C:\Users\Animestar\AppData\Local\{CA3175AD-2DEE-4CE5-A8CD-04124A8AE9AC} 2012-05-18 15:34:05 -------- d-----w- C:\Users\Animestar\AppData\Local\{E48FE7D4-9FBA-45CF-BCE1-1401AB6A0805} 2012-05-18 15:33:54 -------- d-----w- C:\Users\Animestar\AppData\Local\{C5C2DE21-D2DB-42CB-91B8-445B1C14D8ED} 2012-05-18 15:17:59 -------- d-----w- C:\Users\Animestar\AppData\Local\{5EF9919B-74BD-4514-ACB3-D89E6ABDEC6C} 2012-05-18 15:17:47 -------- d-----w- C:\Users\Animestar\AppData\Local\{06FF82F3-178B-4154-8754-5DA0D58D1F74} 2012-05-18 00:17:34 -------- d-----w- C:\Users\Animestar\AppData\Local\AVG Secure Search 2012-05-18 00:17:27 -------- d-----w- C:\Program Files (x86)\AVG Secure Search 2012-05-17 15:09:33 -------- d-----w- C:\Users\Animestar\AppData\Local\{07A506CD-B765-432F-A8FA-F6AB33A0E2ED} 2012-05-17 15:09:22 -------- d-----w- C:\Users\Animestar\AppData\Local\{F6F52BA1-2917-4E6F-81BD-39D50D204D43} 2012-05-16 15:14:13 -------- d-----w- C:\Users\Animestar\AppData\Local\{F6A9AC7C-6BA5-4F4A-A989-B32205C695C7} 2012-05-16 15:14:02 -------- d-----w- C:\Users\Animestar\AppData\Local\{076061BC-11CE-437E-81E8-D038CB384C55} 2012-05-15 22:58:50 -------- d-----w- C:\Users\Animestar\AppData\Local\{C95B65DF-0476-4042-9479-2FE2D4795812} 2012-05-15 22:58:39 -------- d-----w- C:\Users\Animestar\AppData\Local\{92DDF963-9F07-48FF-8296-212E4EB44405} 2012-05-12 13:52:55 -------- d-----w- C:\Users\Animestar\AppData\Local\{9086410F-44C8-43E1-A251-0B3986A6E594} 2012-05-11 14:15:11 -------- d-----w- C:\Users\Animestar\AppData\Local\{29DA77CB-93E1-498B-9832-0D78C110E98C} 
2012-05-11 14:15:00 -------- d-----w- C:\Users\Animestar\AppData\Local\{D59AB74B-D58A-4478-96D6-1C0490D69854} 2012-05-10 16:13:54 -------- d-----w- C:\Users\Animestar\AppData\Local\{04C0DFF0-559E-45A7-BD0D-8BC252BA9A82} 2012-05-10 16:13:43 -------- d-----w- C:\Users\Animestar\AppData\Local\{AA195D26-A1B2-42E4-97BF-8A80A0B5CA95} 2012-05-10 03:37:28 -------- d-----w- C:\Users\Animestar\AppData\Local\{0DC3D560-C65B-49E3-9A4D-2FDB8A595D89} 2012-05-10 03:37:17 -------- d-----w- C:\Users\Animestar\AppData\Local\{2CF021E6-1B04-46AD-A1E4-11AC56835BA4} 2012-05-09 14:41:37 -------- d-----w- C:\Users\Animestar\AppData\Local\{25699F67-70C3-4B54-8F8E-5D2E9AD86494} 2012-05-09 14:41:26 -------- d-----w- C:\Users\Animestar\AppData\Local\{CB26A149-F910-4F59-BE62-00F761796FF8} 2012-05-08 14:48:44 -------- d-----w- C:\Users\Animestar\AppData\Local\{46BC5A14-D222-4CA6-A192-B56081A356EB} 2012-05-08 14:48:33 -------- d-----w- C:\Users\Animestar\AppData\Local\{271D075D-875E-41C2-981C-08D4A320DB08} 2012-05-08 03:22:06 -------- d-----w- C:\Users\Animestar\AppData\Local\{47BEC0AF-70F9-4B1D-8A88-2529A218C67A} 2012-05-07 13:14:34 -------- d-----w- C:\Users\Animestar\AppData\Local\{B710F9BF-5A34-4646-9349-EE37695C779E} 2012-05-07 13:14:23 -------- d-----w- C:\Users\Animestar\AppData\Local\{DEB37312-74A3-441A-A822-A8CB4BE9BE6D} 2012-05-06 20:19:33 -------- d-----w- C:\Users\Animestar\AppData\Local\{8B046CCA-9586-4166-B909-85A93A8E8E66} 2012-05-06 20:19:21 -------- d-----w- C:\Users\Animestar\AppData\Local\{1625FB83-687A-4130-8254-9B7490019D1A} 2012-05-06 15:23:28 -------- d-----w- C:\Users\Animestar\AppData\Local\{0B10AAE3-5E30-4682-8027-4C70E483DDB5} 2012-05-06 06:41:11 -------- d-----w- C:\Users\Animestar\AppData\Local\{71914D99-FCD3-414C-8B7C-1181634F8F5D} . ==================== Find3M ==================== . 
2012-05-31 16:17:46 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-05-31 16:17:46 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-04-19 10:50:26 28480 ----a-w- C:\Windows\System32\drivers\avgidsha.sys 2012-04-19 02:56:30 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2012-04-19 02:56:30 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts 2012-04-05 00:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-04-04 21:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys 2012-03-31 06:05:57 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-03-31 04:39:37 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-03-31 04:39:37 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-03-31 03:10:03 3146240 ----a-w- C:\Windows\System32\win32k.sys 2012-03-30 11:35:47 1918320 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2012-03-19 11:17:26 383808 ----a-w- C:\Windows\System32\drivers\avgtdia.sys 2012-03-17 07:58:57 75120 ----a-w- C:\Windows\System32\drivers\partmgr.sys 2012-03-09 00:50:28 49016 ----a-w- C:\Windows\SysWow64\sirenacm.dll 2012-03-09 00:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR . ============= FINISH: 14:51:36.17 =============== |
| Tags |
| trojan, virus |
