1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Antivirus software doesn't detect virus!

Discussion in 'Virus & Other Malware Removal' started by fsgrejer, Sep 17, 2012.

Thread Status:
Not open for further replies.
Advertisement
  1. fsgrejer

    fsgrejer Thread Starter

    Joined:
    Sep 10, 2012
    Messages:
    6
    Hi!

    I have a virus no antivirus can detect. I've also tried spybot etc.
    Please help!

    Here's some info:

    Tech Support Guy System Info Utility version 1.0.0.2
    OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
    Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz, Intel64 Family 6 Model 42 Stepping 7
    Processor Count: 8
    RAM: 6055 Mb
    Graphics Card: NVIDIA GeForce GT 520M, 1023 Mb
    Hard Drives: C: Total - 286160 MB, Free - 69665 MB; D: Total - 403639 MB, Free - 337693 MB;
    Motherboard: ASUSTeK Computer Inc., K53SJ
    Antivirus: ESET NOD32 Antivirus 5.2, Updated and Enabled



    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 11:30:23, on 2012-09-17
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16448)
    Boot mode: Normal
    Running processes:
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Micke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6GFZO3HB\SysInfo.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Users\Micke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EKSJ2CCL\HijackThis.exe
    C:\Windows\SysWOW64\DllHost.exe
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.techsupportforum.com/forums/f50/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
    O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll
    O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    O4 - HKLM\..\Run: [CommonToolkitTray] C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
    O4 - HKLM\..\Run: [SWPROguard] C:\Program Files (x86)\Fighters\SPYWAREfighter\swprotray.exe
    O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O15 - Trusted Zone: http://www.samsungsetup.com
    O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll
    O20 - AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: PC Agent Service (AgentService) - Unknown owner - C:\Program Files (x86)\AgentService/AgentService.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: AV Engine Scanning Service - Preventon Technologies Limited - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVScanningService.exe
    O23 - Service: AV Watch Service - Preventon Technologies Limited - C:/Program Files (x86)/Common Files/Common Toolkit Suite/AVEngine/AVWatchService.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
    O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: SpyHunter 4 Service - Enigma Software Group USA, LLC. - C:\PROGRA~1\ENIGMA~1\SPYHUN~1\SH4SER~1.EXE
    O23 - Service: Suite Service - SPAMfighter ApS - C:\Program Files (x86)\Fighters\FighterSuiteService.exe
    O23 - Service: Intel(R) Turbo Boost Technology Monitor (TurboBoost) - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    --
    End of file - 11382 bytes





    .
    DDS (Ver_2011-08-26.01) - NTFSAMD64
    Internet Explorer: 9.0.8112.16421
    Run by Micke at 0:20:50 on 2012-09-10
    .
    ============== Running Processes ===============
    .
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://asus.msn.com
    mStart Page = hxxp://asus.msn.com
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    BHO: AVG Do Not Track: {31332eef-cb9f-458f-afeb-d30e9a66b6ba} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
    BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
    BHO: CIESpeechBHO Class: {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
    BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
    uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
    mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\FANCYS~1.LNK - C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.271\SSScheduler.exe
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll
    IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
    Trusted Zone: samsungsetup.com\www
    DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
    DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} - hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
    TCP: DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{290BC608-EDCF-4597-B187-8E331E7A731F} : DhcpNameServer = 80.251.201.177 80.251.201.178
    TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4} : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\84F64756C6449616C6F67623 : DhcpNameServer = 192.168.1.109
    TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\84F64756C6449616C6F67633 : DhcpNameServer = 192.168.1.1
    TCP: Interfaces\{63042B4F-CDAD-4E50-8361-A79FAC450DC4}\D496473686 : DhcpNameServer = 80.251.201.177 80.251.201.178
    TCP: Interfaces\{F12E96C4-04D8-4F9B-AA82-B94235CF54DE} : DhcpNameServer = 80.251.201.177 80.251.201.178
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs: C:\Windows\SysWOW64\nvinit.dll
    {18DF081C-E8AD-4283-A596-FA578C2EBDC3}
    {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA}
    {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
    {53707962-6F74-2D53-2644-206D7942484F}
    {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}
    {9030D464-4C02-4ABF-8ECC-5164760863C6}
    {AA58ED58-01DD-4d91-8333-CF10577473F7}
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}
    {C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
    {DBC80044-A445-435b-BC74-9C25C1C588A9}
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}
    mRun-x64: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
    mRun-x64: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    mRun-x64: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    mRun-x64: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
    mRun-x64: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    AppInit_DLLs-X64: C:\Windows\SysWOW64\nvinit.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    .
    =============== Created Last 30 ================
    .
    2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconF7A21AF7.exe
    2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\IconD7F16134.exe
    2012-09-09 22:09:05 110080 ----a-r- C:\Users\Micke\AppData\Roaming\Microsoft\Installer\{8C5C34C7-BC6B-4831-8B2C-6535FE63E502}\Icon1226A4C5.exe
    2012-09-09 22:09:04 -------- d-----w- C:\sh4ldr
    2012-09-09 22:09:04 -------- d-----w- C:\Program Files\Enigma Software Group
    2012-09-09 22:05:52 -------- d-----w- C:\Windows\8C5C34C7BC6B48318B2C6535FE63E502.TMP
    2012-09-09 22:05:51 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
    2012-09-09 21:48:53 -------- d-sh--w- C:\$RECYCLE.BIN
    2012-09-09 20:50:15 98816 ----a-w- C:\Windows\sed.exe
    2012-09-09 20:50:15 518144 ----a-w- C:\Windows\SWREG.exe
    2012-09-09 20:50:15 256000 ----a-w- C:\Windows\PEV.exe
    2012-09-09 20:50:15 208896 ----a-w- C:\Windows\MBR.exe
    2012-09-09 20:48:16 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
    2012-09-09 20:48:16 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2012-09-09 17:55:14 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46A88446-F421-4FE8-A068-1B6FD34513C7}\offreg.dll
    2012-09-09 17:44:56 33800 ----a-w- C:\Windows\System32\drivers\pavboot64.sys
    2012-09-09 17:44:54 -------- d-----w- C:\Program Files (x86)\Panda Security
    2012-09-09 17:37:48 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared
    2012-09-09 17:36:30 -------- d-----w- C:\ProgramData\Symantec
    2012-09-09 17:36:28 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0307020.005
    2012-09-09 17:36:28 -------- d-----w- C:\Windows\System32\drivers\NSSx64
    2012-09-09 17:36:28 -------- d-----w- C:\Program Files (x86)\Norton Security Scan
    2012-09-09 17:36:27 -------- d-----w- C:\ProgramData\Norton
    2012-09-09 17:36:26 -------- d-----w- C:\ProgramData\NortonInstaller
    2012-09-09 17:36:26 -------- d-----w- C:\Program Files (x86)\NortonInstaller
    2012-09-09 17:28:42 56016 ----a-w- C:\Windows\System32\drivers\fsbts.sys
    2012-09-09 17:24:23 -------- d-----w- C:\ProgramData\McAfee Security Scan
    2012-09-09 17:24:16 -------- d-----w- C:\Program Files (x86)\McAfee Security Scan
    2012-09-09 17:21:24 -------- d-----w- C:\Users\Micke\AppData\Local\MFAData
    2012-09-09 17:21:24 -------- d-----w- C:\Users\Micke\AppData\Local\Avg2013
    2012-09-09 16:36:29 8602168 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    2012-09-09 16:36:23 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{46A88446-F421-4FE8-A068-1B6FD34513C7}\mpengine.dll
    2012-09-09 16:09:34 295936 ----a-w- C:\Windows\SysWow64\appmgr.dll
    2012-09-09 16:09:34 -------- d-----w- C:\Windows\SysWow64\GPBAK
    2012-09-09 16:09:33 707354 ----a-w- C:\Windows\unins000.exe
    2012-09-01 08:09:49 -------- d-----w- C:\Users\Micke\AppData\Roaming\Canneverbe Limited
    2012-09-01 08:09:49 -------- d-----w- C:\ProgramData\Canneverbe Limited
    2012-08-31 10:24:52 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
    2012-08-29 06:30:25 -------- d-----w- C:\Program Files (x86)\playstation emu
    2012-08-28 19:24:43 -------- d-----w- C:\Program Files\iPod
    2012-08-28 19:24:42 -------- d-----w- C:\Program Files\iTunes
    2012-08-28 19:24:42 -------- d-----w- C:\Program Files (x86)\iTunes
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin7.dll
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin6.dll
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
    2012-08-28 19:22:05 159744 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\npqtplugin.dll
    2012-08-16 12:48:17 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
    2012-08-16 02:32:34 751104 ----a-w- C:\Windows\System32\win32spl.dll
    2012-08-16 02:32:34 67072 ----a-w- C:\Windows\splwow64.exe
    2012-08-16 02:32:34 559104 ----a-w- C:\Windows\System32\spoolsv.exe
    2012-08-16 02:32:34 492032 ----a-w- C:\Windows\SysWow64\win32spl.dll
    2012-08-16 02:32:21 59392 ----a-w- C:\Windows\System32\browcli.dll
    2012-08-16 02:32:21 41984 ----a-w- C:\Windows\SysWow64\browcli.dll
    2012-08-16 02:32:21 136704 ----a-w- C:\Windows\System32\browser.dll
    2012-08-16 02:32:19 3148800 ----a-w- C:\Windows\System32\win32k.sys
    2012-08-16 02:32:18 956928 ----a-w- C:\Windows\System32\localspl.dll
    2012-08-16 02:32:17 503808 ----a-w- C:\Windows\System32\srcore.dll
    2012-08-16 02:32:17 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
    .
    ==================== Find3M ====================
    .
    2012-08-31 09:50:40 73416 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-08-31 09:50:40 696520 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2012-07-05 20:06:30 772544 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
    2012-07-05 20:06:20 687544 ----a-w- C:\Windows\SysWow64\deployJava1.dll
    2012-07-03 10:11:59 45056 ----a-w- C:\Windows\System32\acovcnt.exe
    2012-06-29 03:56:34 2312704 ----a-w- C:\Windows\System32\jscript9.dll
    2012-06-29 03:49:11 1392128 ----a-w- C:\Windows\System32\wininet.dll
    2012-06-29 03:48:07 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
    2012-06-29 03:43:49 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
    2012-06-29 03:39:48 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2012-06-29 00:16:58 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2012-06-29 00:09:01 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
    2012-06-29 00:08:59 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2012-06-29 00:04:43 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2012-06-29 00:00:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    .
    ============= FINISH: 0:22:44,24 ===============



    GMER 1.0.15.15641 - http://www.gmer.net
    Rootkit scan 2012-09-10 09:06:25
    Windows 6.1.7601 Service Pack 1
    Running: gmer.exe

    ---- Registry - GMER 1.0.15 ----
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e
    Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\742f68352e25
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\[email protected] 0x50 0x58 0x6B 0xF6 ...
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\742f68352e25 (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0x00 0x00 0x00 0x00 ...
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0
    Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\[email protected] 0x50 0x58 0x6B 0xF6 ...
    ---- EOF - GMER 1.0.15 ----
     

    Attached Files:

  2. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    what makes you think that you have a virus that nothing detects
    Exactly what is happening
    Do you get diverts or pop ups or what sort of strange behaviour is concerning you
    Without you giving us full details we have no way of even attempting to offer you any help
     
  3. fsgrejer

    fsgrejer Thread Starter

    Joined:
    Sep 10, 2012
    Messages:
    6
    I'm finding tracking cookies that i can't remove. My antivirus I had when it happened (AVG Free) doesn't work anymore but remains. The interface is unreadable full with @ everywhere.
    Some programs like AVG, spyware killer and spyware hunter I can't uninstall. They just reappear.
    The login takes about 5-10 minutes. My google chrome browser doesn't work either.
    The antivirus I have now becomes inactive at startup.
     
  4. dvk01

    dvk01 Moderator Malware Specialist

    Joined:
    Dec 14, 2002
    Messages:
    56,236
    First Name:
    Derek
    tracking cookies are normal& you will get them immediately you turn on your browser


    uninstall spybot then you will be able to get rid of AVg and all the other junk
    post back after you have done that & let us know how it is
     
  5. fsgrejer

    fsgrejer Thread Starter

    Joined:
    Sep 10, 2012
    Messages:
    6
    Thanks! That did the trick and also clean the registry!

    /fsgrejer
     
  6. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1069246

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice